Penn was among hackers targets worldwide

By Robert Moran, INQUIRER STAFF WRITER

The University of Pennsylvania was among dozens of universities worldwide that were hacked and had student and employee records posted online this week.

Penn officials issued an email Wednesday confirming the breach, which they said was limited in scope.

"Fortunately, no sensitive information that could result in identify theft, such as Social Security numbers, PennKey passwords, bank account numbers or credit card numbers are contained in the database that was compromised," the email said.

Other universities that were hacked include Harvard, Stanford, Duke, Purdue, Rutgers, Cornell, and Johns Hopkins. The University of Tokyo and Cambridge were among the those breached outside the United States.

A hacker group called Team GhostShell announced the release of the records Monday on Twitter.

The data was distributed on numerous sites with links listed on a page that Team GhostShell publicized. The page included a short statement about problems in modern education, including the increasing burden of student debt.

"We have set out to raise awareness towards the changes made in today's education, how new laws imposed by politicians affect us, our economy and overall, our way of life," the hackers wrote in a statement that included sites where the stolen information was posted.

As of Wednesday afternoon, the three sites listed for Penn no longer had the information.

Penn's email said the university is "actively investigating the situation and will share any relevant and actionable information with the approriate authorities, including law enforcement."

Stephen MacCarthy, vice president for university communications at Penn, said the affected database was taken offline and the problem had been fixed.

A spokesman for Rutgers said the university was not aware of any problems.